The prior art describes several security related devices and configurations applicable to access and operation through the Internet. Security needs have to be constantly revised in face of the increasing sophistication of resources used to bypass security systems and fraud electronic access to Internet banking and e-commerce. In countries such as the United States of America, the high efforts and investments made to thwart criminal actions performed by hackers precisely illustrate the importance of guaranteeing user-friendly secure online transactions. Many online and Internet operations use sophisticated security procedures which are based on high levels of complexity in an attempt to guarantee the security in accessing online services which involve private or confidential information. However, this increased complexity results in difficulties posed to legitimate users in accessing such services. This, in its turn, results in a lower-than-optimum level of adherence, by users, to existing forms of online services.
Other apparently more rigorous security schemes, such as those offered on online banking websites are examples of what was explained above. Those services behave as if only the user could visualize and/or access the service. Authentication processes based solely on the user (i.e. user/password) are susceptible to password tracking. The univocal correspondence between a user and his password eases fraud, either by password cloning or by cloning accessed webpages.
As an example of the technique, the Irish invention no. 83221 refers to a means of uniquely identifying computers and systems. The invention, on the other hand, is able to create signatures that identify a device using only logical information and, jointly with the univocal framework and related processes that constitute it, it proposes a security system able to complement or substitute traditional authentication procedures. Although signatures or the idea of using extended positivation scheme for computational devices have existed for a long time, the invention's uniqueness relies on its process, i.e., its client/server architecture conceived to complement or substitute usual authentication systems.
Therefore, what is claimed in document no. 83221 involves the creation of an unique signature for a device (where a device stands for a processor or a processor set composing a network) based on response time statistical distribution and other measurements for physical identification of the devices, used for purposes that may or may not be applicable for conventional authentication schemes. The identification process proposed in this document also uses some logical techniques, however, unlike the invention, these techniques are used as a complement. The logical techniques proposed in the document 83221 do suffice for the creation of a unique identification for a device. Although it is possible to create or compliment an authentication procedure from the process described in document 83221, that is not its intention, and, moreover, its contents do not consider, directly, the creation of a similar process.
This is also what happens with Microsoft's publication titled: PRODUCT ACTIVATION FOR WINDOWS XP-TECHNICAL MARKET BULLETIN. This publication describes validation methods of Windows XP computer program that aim to avoid illegal copies (piracy) or even fraudulent product purchase. The configurations proposed for these methods also have a univocal characteristic, of some complexity for the ordinary user, who would be inhibited to practice fraudulent actions.